Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Guru
Created on 12-31-2018 05:59 PM
Problem Statement : The hdfs encryption guide for HDP 3.0.1 states "In Ambari, replace the current value of dfs.permissions.superusergroup with the group name “operator”. however, this option is not available from Ambari.
RootCause : As per fix of Apache bug : https://issues.apache.org/jira/browse/AMBARI-22086 ,ambari considers the dfs.permissions.superusergroup as a group property and by default the group property is not meant to be edited in ambari-ui. So the ui disabled the editing of this property by default.
Workaround :
Navigate to ambari-server and change this config via configs.py
/var/lib/ambari-server/resources/scripts/configs.py -l <AMBARI_HOSTNAME>-t 8080-u <USER_NAME>-p <PASSWORD>-a <GET/SET/DELETE>-n <CLUSTER_NAME>-c <CONFIG_TYPE>-k <KEY>-v <VALUE>
For ex :
[root@asnaik-asnaik1 ~]# /var/lib/ambari-server/resources/scripts/configs.py --help
Usage: configs.py [options]
Options:
-h, --help show this help message and exit
-t PORT, --port=PORT Optional port number for Ambari server. Default is
'8080'. Provide empty string to not use port.
-s PROTOCOL, --protocol=PROTOCOL
Optional support of SSL. Default protocol is 'http'
-a ACTION, --action=ACTION
Script action: <get>, <set>, <delete>
-l HOST, --host=HOST Server external host name
-n CLUSTER, --cluster=CLUSTER
Name given to cluster. Ex: 'c1'
-c CONFIG_TYPE, --config-type=CONFIG_TYPE
One of the various configuration types in Ambari. Ex:
core-site, hdfs-site, mapred-queue-acls, etc.
To specify credentials please use "-e" OR "-u" and "-p'":
-u USER, --user=USER
Optional user ID to use for authentication. Default is
'admin'
-p PASSWORD, --password=PASSWORD
Optional password to use for authentication. Default
is 'admin'
-e CREDENTIALS_FILE, --credentials-file=CREDENTIALS_FILE
Optional file with user credentials separated by new
line.
To specify property(s) please use "-f" OR "-k" and "-v'":
-f FILE, --file=FILE
File where entire configurations are saved to, or read
from. Supported extensions (.xml, .json>)
[root@asnaik-asnaik1 ~]# /var/lib/ambari-server/resources/scripts/configs.py -l asnaik1 -t 8080 -u admin -p admin -a set -n asnaik -c hdfs-site -k dfs.permissions.superusergroup -v hdfs,operator
2018-12-10 15:19:00,604 INFO ### Performing "set":
2018-12-10 15:19:00,604 INFO ### new property - "dfs.permissions.superusergroup":"hdfs,operator"
2018-12-10 15:19:00,663 INFO ### on (Site:hdfs-site, Tag:version1543379050314)
2018-12-10 15:19:00,675 INFO ### PUTting json into: doSet_version1544455140675467.json
2018-12-10 15:19:00,767 INFO ### NEW Site:hdfs-site, Tag:version1544455140675467
[root@asnaik-asnaik1 ~]# /var/lib/ambari-server/resources/scripts/configs.py -l asnaik1 -t 8080 -u admin -p admin -a get -n asnaik -c hdfs-site -k dfs.permissions.superusergroup |grep -i dfs.permissions.superusergroup
